Griffon Solutions Website Privacy Policy
Purpose
Griffon Solutions services including but not limited to, the Griffon Solutions website and other intellectual properties through which the Griffon Solutions services are delivered, are owned, operated, and distributed by Griffon Solutions.
The purpose of this Privacy Notice is to outline the personal information that Griffon Solutions may collect and process, how Griffon Solutions interacts with this information, how the personal information is safeguarded and with who the personal information is shared or transferred to.
Scope
This Privacy Notice applies to all Griffon Solutions employees (including vendors and contractors with access to Griffon Solutions information) customers, visitors, business partners and associates and any relevant stakeholders (herein after referred to as data subjects).
Griffon Solutions encourages all its interested parties and stakeholders to read this Privacy Notice.
By using the Griffon Solutions services or by submitting personal information to Griffon Solutions in any manner, the data subjects acknowledge that they understand and agree to be bound by this Privacy Notice, and agree that Griffon Solutions may collect, process, safeguard, and share/transfer personal information as described in this Policy Notice.
Furthermore, by accessing and using any of the Griffon Solutions services, the data subject(s) agrees to the Terms & Conditions of the Griffon Solutions Terms of Service.
If any data subject does not agree with any part of this Privacy Notice, such data subject is advised to not use any of the Griffon Solutions services.
What personal information does Griffon Solutions collect?
Personal Information as defined by the Protection of Personal Information Act is any identifiable information relating to a natural, living person or juristic person.
Griffon Solutions collects the following personal information from data subjects who make use of Griffon Solutions products and/or services:
Name and contact information of a data subject (person or company/organisation) – address, contact number, email address etc.
Device Information- geolocation data, IP address, unique identifiers (e.g. MAC address and UUID) etc.
Billing information – account details, account numbers etc.
Assistance Request information – company information, services rendered information, service history, etc.
Specific company/employer information.
Geographical and location information.
Travel information – booking details, flight details etc
CCTV Monitoring information – physical access control information etc.
From who does Griffon Solutions collect the personal information?
Griffon Solutions will as far as reasonably possible only collect personal information directly from the data subjects to ensure that any data subject is aware of exactly what personal information relating to them is being collected.
Griffon Solutions requires written consent from all data subjects of which it receives personal information via a third party and confirmation that the data subjects do not object to Griffon Solutions processing their personal information.
Griffon Solutions requires that all data subjects of which it receives personal information via a third party to be aware of this Griffon Solutions Privacy Policy and to take note of all the Griffon Solutions policies relating to the processing of personal information.
Griffon Solutions may also automatically collect personal information as described in the ‘Cookies, Device Data & How it is Used” section of this notice.
What are the purposes for the collection of personal information?
Griffon Solutions processes personal information for various specific purposes including, but not limited to, the following:
To provide products and/or services to data subjects.
To obtain relevant and specific products and technology from suppliers and vendors to enable Griffon Solutions to provide products and/or services to data subjects.
To establish an improvement plan for the quality of products and/or services provided by Griffon Solutions.
To identify data subjects when they contact Griffon Solutions.
To implement and maintain customer/client records.
To perform customer/client related analysis to establish specific customer/client profiles.
For administrative, financial, and contractual purposes – including tax purposes.
For legal and legislative purposes.
For health & safety purposes.
To enable the proper facilitation and security of Griffon Solutions by monitoring access to the premises and by securing the premises.
To perform all business functions relating to suppliers and business partners.
To establish a detection framework for preventing fraud and money laundering.
To enable Griffon Solutions to recover any debts.
For travel purposes.
To perform reasonable and specific market related research to identify a specific need for products and/or services from its data subjects.
To send to any data subject Griffon Solutions solicitations, product announcements, and the like that Griffon Solutions feels may be of interest to the data subject. Any data subject may “opt out” of receiving these marketing materials.
How does Griffon Solutions share data subject personal information with third parties?
The following is a list of recipients that Griffon Solutions shares personal information of data subjects with for any of the purposes outlined in this Privacy Notice:
Any other Griffon Solutions branch in South Africa and in other countries.
Carefully selected business partners associated with Griffon Solutions.
Suppliers – where applicable to provide a service related to the personal information of Griffon Solutions’ data subjects.
Service providers and representatives/agents that provide a service on Griffon Solutions’ behalf.
Any third party with who Griffon Solutions has signed an agreement to process personal information on Griffon Solutions’ behalf.
Griffon Solutions will not share personal information of data subjects with any third parties or unauthorised persons, except under the following conditions:
Where Griffon Solutions is legally obliged to provide such personal information.
Where Griffon Solutions is legally required to do so for existing or future legal proceedings.
Where Griffon Solutions is involved in the prevention of fraud, bribery, corruption, or money laundering.
Where Griffon Solutions is selling one or more of their businesses to a person to whom Griffon Solutions may legally transfer Griffon Solutions’ rights under any customer agreement signed with customers.
The sharing of such personal information is required to provide or maintain any information, products and/or service to data subjects.
Where a third party provides a service in accordance with a signed agreement to process such personal information on Griffon Solutions’ behalf.
Where the sharing of such personal information is required to assist Griffon Solutions in improving the quality of its products and/or services.
Griffon Solutions undertakes to send its data subjects proper notification in the event that it is obliged by law to share personal information pertaining to specific data subjects.
Griffon Solutions further undertakes to only disclose personal information of data subject to the government when it is legally required by law to do so.
All Griffon Solutions employees (including vendors and contractors with access to Griffon Solutions information and systems) have the responsibility to adhere to all privacy and confidentiality policies published by Griffon Solutions and to attend scheduled personal information privacy awareness sessions.
Collection of User Generated Content
Griffon Solutions may give data subjects the opportunity to post content relating to the Griffon Solutions services, including data subject comments and any other information that data subjects would like to be available on the Griffon Solutions services, which may become public. (This is referred to as User Generated Content).
When a data subject posts User Generated Content all the personal information contained in the posts will be available to authorised employees (including vendors and contractors with access to Griffon Solutions information) of Griffon Solutions.
When posting User Generated Content, all data subjects expressly acknowledge and agree that Griffon Solutions may access in real-time record and store archives of any User Generated Content on the Griffon Solutions servers to use in connection with the Griffon Solutions services.
If a data subject submits a review, recommendation, endorsement, or any other User Generated Content through Griffon Solutions services, or via any social media platform (Facebook, Instagram, Yelp, Google etc), Griffon Solutions may share such review, recommendation, endorsement, or any other User Generated Content publicly on the Griffon Solutions services.
Direct Marketing Communication
Griffon Solutions may communicate with data subjects via email, SMS, or any other channels (sometimes through automated means) for the purpose to market the Griffon Solutions products and/or services, to establish an improvement plan for the quality of products and/or services provided by Griffon Solutions, or for any other reasons stated in this Privacy Notice.
All data subjects have the opportunity to withdraw consent to receive any such direct marketing communications from Griffon Solutions, as permitted by law.
Should any data subject no longer wish to receive correspondence, emails, or any other marketing related communication from Griffon Solutions, the data subject may opt-out by submitting a request through the following form [INSERT LINK], or by clicking on the UNSUBSCRIBE link found in any marketing email communication sent to the data subject.
A data subject may express his/her/its communication preferences by:
selecting the preferred method of communication when registering an account on the Griffon Solutions website, or
logging into their account settings and updating their communication preferences, or
contacting Griffon Solutions directly via email or telephone call.
All data subjects must take note that they may continue receiving non-marketing related communication from Griffon Solutions as may be required to maintain their business relationship with Griffon Solutions.
Any data subject may receive third-party marketing communication from providers that Griffon Solutions has engaged with to market or promote its products and/or services.
These third-party providers may be using communication lists which they have acquired on their own, and data subjects may have opted-in to those lists through other channels.
Should a data subject no longer wish to receive marketing communications from such third-party providers, the data subject must contact that third party directly.
Retention of Data
Griffon Solutions will retain data subject personal information only for as long as is prescribed by the applicable legislation and laws.
Griffon Solutions will retain data subject personal information only for the purposes outlined in this Privacy Notice.
Griffon Solutions will retain and use data subject personal information to the extent necessary to comply with its legal obligations, to resolve disputes, and to enforce its legal agreements, policies, and procedures.
Griffon Solutions may also retain data subject personal information in terms of usage data for the purpose of internal analysis. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Griffon Solutions’ Sites and/or Portals, or Griffon Solutions is legally obligated to retain this data for longer periods.
Cookies, Device Data, and How it is Used
When a data subject uses Griffon Solutions services, Griffon Solutions may record unique identifiers associated with a data subject’s device (such as the device ID and IP address), the data subject activity within the Griffon Solutions services, and the data subject network location. Griffon Solutions uses aggregated information (such as anonymous user usage information, cookies, IP addresses, browser type, clickstream information, etc.) to improve the quality and design of the Griffon Solutions services and to create new features, promotions, functionality, and services by storing, tracking, and analysing user preferences and trends. Specifically, Griffon Solutions may automatically collect the following information about data subject use of Griffon Solutions services through cookies, web beacons, and other technologies:
domain name
browser type and operating system
web pages the data subject views
links the data subject clicks
IP address
the length of time a data subject visits the Sites, Portals, and/or Services
the referring URL or the webpage that led the data subject to the Sites
Griffon Solutions may also collect information regarding application-level events, such as crashes, and associate that temporarily with the data subject’s account to provide customer service. In some circumstances, Griffon Solutions may combine this information with personal information collected from a data subject (and third-party service providers may do so on behalf of Griffon Solutions).
In addition, Griffon Solutions may use "cookies," clear gifs, and log file information that will help Griffon Solutions to determine the type of content and pages to which a data subject links, the length of time a data subject spends at any particular area of the Griffon Solutions services, and the portion of the Griffon Solutions services the data subject chooses to use. A cookie is a small text file that is sent by a website to a computer or mobile device where it is stored by a web browser. A cookie contains limited information, usually a unique identifier and the name of the site. A browser has options to accept, reject or provide a data subject with notice when a cookie is sent. Griffon Solutions cookies can only be read by Griffon Solutions; they do not execute any code or virus; and they do not contain any personal information. Cookies allow Griffon Solutions to serve a data subject better and more efficiently, and to personalise a data subject’s experience with the Griffon Solutions services. Griffon Solutions may use cookies for many purposes, including (without limitation) to save a data subject’s password so that a data subject does not have to re-enter it each time he/she/it visits the Griffon Solutions services, and to deliver content (which may include third party advertisements) specific to data subject interests.
Griffon Solutions may use third-party service providers to help it analyse certain online activities. For example, these service providers may help Griffon Solutions measure the performance of its online campaigns or analyse visitor activity on the Griffon Solutions services. Griffon Solutions may permit these service providers to use cookies and other technologies to perform these services for Griffon Solutions. Griffon Solutions does not share any personal information about its customers with these third-party service providers, and these service providers do not collect such personal information on Griffon Solutions’ behalf. Griffon Solutions third-party service providers are required to comply fully with this Privacy Notice.
International Data Transfer
For data subjects located outside the [RSA], in particular in Switzerland, the United Kingdom and the European Economic Area (EEA), please note that Griffon Solutions is a South African based company. Griffon Solutions does not market to or solicit customers from outside the [RSA], therefore, users of the Griffon Solutions services should not expect to avail themselves of the rights provided under the EU’s General Data Protection Regulation (“GDPR”). If a data subject uses the Griffon Solutions services, all information, including personal information, will be transferred to Griffon Solutions in the [RSA]. By using the Griffon Solutions services, the data subject unambiguously consents to the transfer of their personal information and other information to the [RSA] and elsewhere for the purposes and uses described in this Notice. Further, the data subject acknowledges that Griffon Solutions is not subject to the GDPR or similar international privacy laws, and, therefore, the data subject will be unable to claim the privacy rights provided in those laws.
Griffon Solutions may use third-party service providers to help it deliver certain services, and it may result in the processing of personal information in data centres and locations outside of the [RSA]. For example, these service providers may provide Griffon Solutions with essential information technology or tools it uses to run Griffon Solutions’ business. Griffon Solutions may permit these service providers to process its business information and/or any data subject’s personal information. Griffon Solutions does not permit these service providers to process any personal information outside of a contract, and these service providers may collect personal information on Griffon Solutions’ behalf. Griffon Solutions’ third-party service providers are required to comply fully with this Privacy Notice.
South African Privacy Rights
If the data subject is a South African resident, South Africa law may provide the data subject with certain rights with regard to his/her/its personal information under the Protection of Personal Information Act (“POPIA”) and Promotion of Access to Information Act (“PAIA”) as well the Consumer Protection Act.
Throughout this Privacy Notice a data subject will find information required by POPIA regarding the categories of personal information collected from such data subject, the purposes for which Griffon Solutions uses personal information, and the categories of third parties the data subject’s data may be shared with. This information is current as of the date of the Notice and is applicable in the 12 months preceding the effective date of the Notice.
As a South African resident, POPIA and PAIA provide data subjects the ability to make inquiries regarding their personal information. Specifically, the degree to which the information is not already provided in this Privacy Notice, a data subject has the right to request disclosure or action on his/her/its personal information, including:
If a data subject’s personal information is collected by Griffon Solutions.
The specific pieces of personal information collected about the data subject.
The ability to correct or delete certain personal information collected about the data subject.
The ability to delete all the personal information collected about the data subject, subject to certain exceptions.
To opt-in or opt-out of direct marketing to the data subject.
To object to the processing of the data subject’s personal information.
Appeal any rejection of access to the data subject’s personal information
A data subject may submit a request regarding his/her/its rights under POPIA or PAIA by contacting Griffon Solutions via carla@griffonsolutions.co.za
If Griffon Solutions receives a POPIA request from a data subject, Griffon Solutions will first determine the applicability of the law, and it will then take steps to verify the data subject’s identity prior to responding. The steps to verify the data subject’s identity may vary based on Griffon Solutions’ relationship with the data subject, but, at a minimum, it will take the form of confirming and matching the information submitted in the request with information already held by Griffon Solutions and/or contacting the data subject through previously used channels to confirm that the data subject submitted the request.
Griffon Solutions does not knowingly collect or process the special personal information such as a data subject’s religious or philosophical beliefs, race or ethnic origins, trade union memberships, political persuasion, health or sex life, or a data subject’s criminal behaviour or biometric information.
If a data subject has a comment, question, or complaint about how Griffon Solutions is processing a data subject’s personal information, Griffon Solutions trusts that the data subject will contact Griffon Solutions at [INSERT FORM] in order to allow Griffon Solutions to resolve the matter. In addition, if a data subject is located in the Republic of South Africa, such data subject may submit a complaint regarding the processing of his/her/its personal information to the Information Regulator at the following link: https://www.justice.gov.za/inforeg/contact.html.
Third-party Advertisers
Griffon Solutions may allow other companies, called third-party ad servers or ad networks, to serve advertisements within the Griffon Solutions services.
These third-party ad servers or ad networks use technology to send, directly to a data subject’s device, the advertisements and links that appear on the Griffon Solutions services.
They automatically receive a data subject’s device ID and IP address when this happens. They may also use other technologies (such as cookies, JavaScript, or Web Beacons) to measure the effectiveness of their advertisements and to personalize the advertising content a data subject can see.
Any data subject should consult the respective privacy policies of these third-party ad servers or ad networks for more information on their practices and for instructions on how to opt-out of certain practices.
This Privacy Notice does not apply to them, and Griffon Solutions cannot control their activities.
Information Storage and Security
Griffon Solutions employs industry-standard and/or generally accepted security safeguarding measures, designed to secure the integrity and confidentiality of all information submitted through the Griffon Solutions services.
However, the security of information transmitted through the internet or via a mobile device can never be guaranteed. Griffon Solutions is not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data.
Users of the Griffon Solutions services are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of the Griffon Solutions services.
To protect user information, Griffon Solutions may suspend the user’s use of any of the Griffon Solutions services, without notice, pending an investigation, if Griffon Solutions has reasonable grounds to believe that there has been a security incident.
External Links
The Griffon Solutions services may contain links to other websites maintained by third parties. Please be aware that we exercise no control over linked sites and Griffon Solutions is not responsible for the privacy practices or the content of such sites. Each linked site maintains its own independent privacy and data collection policies and procedures, and any user is encouraged to view the privacy policies of these other sites before providing any personal information.
The data subject and/or user hereby acknowledges and agrees that Griffon Solutions is not responsible for the privacy practices, data collection policies and procedures, or the content of such third-party sites, and the data subject and/or user hereby releases Griffon Solutions from any and all claims arising out of or related to the privacy practices, data collection policies and procedures, and/or the content of such third-party sites.
Children’s Privacy
The Griffon Solutions services are not intended for children under the age of 18, and Griffon Solutions does not knowingly collect the personal information of children under the age of 18.
Changes and Reviews to this Privacy Notice
Griffon Solutions reserves the right to review and modify this Privacy Notice from time to time to ensure that it accurately reflects the regulatory environment and Griffon Solutions’ data collection principles.
When material changes are made to this Privacy Notice, Griffon Solutions will publish the revised Notice on its website.
This Privacy Notice was last modified on 1 October 2021
Contact Details
Should a data subject and/or user have any questions or comments about this Privacy Notice or the Griffon Solutions services, please contact Griffon Solutions at: carla@griffonsolutions.co.za